Lucene search
K

204562 matches found

CVE
CVE
added 3 days ago12 views

CVE-2026-57028

CVE-2026-57028 affects Juniper Networks Junos OS Evolved. An incorrectly initialized process meant to communicate only internally can be reached over the network via an open port, enabling an unauthenticated, network-based attacker to gain unauthorized access to license management. Affected scope...

7.3CVSS5.9AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-57028 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internall...

7.3CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-57022 Junos OS: MX Series with SPC3, SRX Series: Specific packet in response to a TCP connection establishment by the affected device can crash the PFE

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device initiates a TCP...

8.2CVSS0.00405EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-57022

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device initiates a TCP...

8.2CVSS6AI score0.00405EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago10 views

CVE-2026-57020

CVE-2026-57020 affects Junos OS on Juniper’s QFX10000 Series. The issue arises in the packet forwarding engine (pfe) where an unauthenticated, adjacent attacker can trigger a DoS by sending IPv6 multicast traffic in an EVPN-VxLAN setup; if these packets reach the spine’s non-IRB interface, they f...

7.1CVSS6AI score0.00269EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-57020

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on QFX10000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all QFX10000 platforms in an EVPN-VxLAN scenario, if an...

7.1CVSS6AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-33803 Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process whi...

6.9CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-33802 Junos OS: EX Series: Unauthorized users can execute service-impacting CLI command

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS. On EX2300, EX4000, EX4100, EX4300-MP Multigigabit and EX4400 switches, an authenticated, local attacker with no specific permissions ...

6.8CVSS0.00123EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-33802

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS. On EX2300, EX4000, EX4100, EX4300-MP Multigigabit and EX4400 switches, an authenticated, local attacker with no specific permissions ...

6.8CVSS6AI score0.00123EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42702

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...

7.1CVSS5.9AI score0.00281EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-33801

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...

7.1CVSS5.9AI score0.00281EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-33800

An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.Micro-BFD session flaps generate respective up/down events which are queued by PFEMAN for...

7.1CVSS5.9AI score0.00269EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42700

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS6AI score0.0036EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-33794

An Improper Check for Unusual or Exceptional Conditions vulnerability in the advanced forwarding toolkit evo-aftmand of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated network-based attacker generating continuous routing updates, resulting in unilist ECMP routes, to cras...

8.2CVSS6AI score0.00405EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-55207

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server...

8.8CVSS6AI score0.0035EPSS
Exploits0References6Affected Software1
CVE
CVE
added 3 days ago14 views

CVE-2026-21901

CVE-2026-21901 describes a NULL pointer dereference in Juniper Networks Junos OS and Junos OS Evolved mgd (management daemon) when a local, high-privileged user configures or deactivates a specific 'system services ssh' parameter. The vulnerability causes an mgd crash and restart, enabling a sust...

6.7CVSS6.1AI score0.00166EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-12590

A flaw was found in body-parser. When the parser is configured with an invalid limit option, such as an unparseable string or a non-numeric value, the request body size check is bypassed. This allows a remote attacker to send arbitrarily large payloads, consuming excessive memory and CPU resource...

5.9CVSS5.9AI score0.0025EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-15308

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS5.8AI score0.00553EPSS
Exploits0References10
NVD
NVD
added 3 days ago7 views

CVE-2026-55590

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS0.00578EPSS
Exploits0References10
EUVD
EUVD
added 3 days ago9 views

EUVD-2026-42681

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS6AI score0.00475EPSS
Exploits0References1
Rows per page
Query Builder